Solved

VPN not working with TMG 2010

Posted on 2012-04-04
11
1,489 Views
Last Modified: 2012-05-05
Dear All,

I have TMG 2010 standalone array (2 servers), I configure the VPN, when I try to connect using VPN, it’s work fine, I can connect, but still I can’t see anything in my network.

When I check TMG, I found the error attached.

I attached the network configuration in my TMG servers and the Route Print.

What I have to do to make them work?

Thanks
route-print.JPG
IP-for-VPN-in-TMG.JPG
Internal-Addresses.JPG
error.JPG
0
Comment
Question by:ACS2012
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 6

Accepted Solution

by:
emadallan earned 250 total points
ID: 37805365
0
 
LVL 2

Assisted Solution

by:jpvargassoruco
jpvargassoruco earned 250 total points
ID: 37805774
IP-for-VPN-in-TMG.JPG here I can see that you are using a diferent range of IP addresses, This range needs to be a part of this Internal-Addresses.JPG
Hope it helps
0
 

Author Comment

by:ACS2012
ID: 37814624
Hi all,

Now the VPN is work without error in the TMG, I can connect via the VPN and I can see my connection in the TMG server.

But i’m facing a problem; I can’t access anything in my network.

I check the IP taken via the VPN, it’s the same from the list which I specify in the VPN configuration.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 6

Expert Comment

by:emadallan
ID: 37815625
try to create a dns rule in your both side of TMG that allow : source internal lan+ localhost+ vpnsite1 to connect to destination of your vpn site2 and vice versa
0
 

Author Comment

by:ACS2012
ID: 37815664
hi emadallan,

how i can do that?

is there a requirements to add a static route for the VPN IP range?
0
 
LVL 6

Expert Comment

by:emadallan
ID: 37815676
no, it's not a problem of static route, just open your TMG Console and add a firewall rule that allow dns, smb(in case u want to access sharing files) protocols in both side of TMG
0
 
LVL 6

Expert Comment

by:emadallan
ID: 37815687
this is an URL that describe the principales of creating a firewall rules, then you specify the protocols you want:
http://retrohack.com/let-me-out-configuring-outbound-access-rules-in-tmg-2010/
0
 

Author Comment

by:ACS2012
ID: 37815721
i already have a rule to allow everything between internal and VPN users
0
 
LVL 6

Expert Comment

by:emadallan
ID: 37816843
even if you have everythings rule!! it will not works, so create a specific rule as mentioned and make its priority before the everythings rule!!
0
 

Author Comment

by:ACS2012
ID: 37818883
i'm still face the same problem, the VPN user is connected but i can't access anything in the network.

please see the attached.
1.JPG
2.JPG
3.JPG
0
 
LVL 10

Expert Comment

by:simonlimon
ID: 37825242
You could try looking at the session, with TMG logging, monitor for the username in question - Clientusername.

Other thing, do other router know for TMG VPN users network 172.16.105.1 - .125?
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In Africa (and potentially where you live…), reliability of ISPs is questionable.  With the increased reliance on e-mail as one of the primary forms of communication, the costs to business are significant based on interuption of ISP Connectivity.  T…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question